How to set up your FortiADC : Updating the firmware : Installing firmware
 
Installing firmware
You can use either the web UI or the CLI to upgrade or downgrade the appliance’s operating system.
Firmware changes are either:
an update to a newer version
a reversion to an earlier version
To determine if you are updating or reverting the firmware, go to System > Status > Dashboard and in the System Information widget, see the Firmware Version row. (Alternatively, in the CLI, enter the command get system status.)
For example, if your current firmware version is:
FortiADC‑VM v2.1.0,build0056,130328
changing to
FortiADC‑VM v2.1.0,build0055,130228
an earlier build number (55) and date (130228 means February 28, 2013), indicates that you are reverting.
 
Back up your configuration before beginning this procedure.
Reverting to an earlier firmware version could reset settings that are not compatible with the new firmware. For information on backups, see “Backups”. For information on reconnecting to a FortiADC appliance whose network interface configuration has been reset, see “Connecting to the web UI or CLI”.
 
If you are installing a firmware version that requires a different size of system partition, you may be required to format the boot device before installing the firmware by re-imaging the boot device. Consult the Release Notes. In that case, do not install the firmware using this procedure. Instead, see “Restoring firmware (“clean install”)”.
To install firmware via the web UI
1. Download the firmware file from the Fortinet Technical Support web site:
https://support.fortinet.com/
2. Log in to the web UI of the FortiADC appliance as the admin administrator.
 
Updating firmware on an HA pair requires some additions to the usual steps for a standalone appliance. For details, see “Updating firmware on an HA pair”.
3. Go to System > Status > Dashboard.
4. In the System Information widget, in the Firmware Version row, click Update.
Figure 5: System Information widget
The Firmware Upgrade/Downgrade dialog appears.
5. Click Browse or Choose File (the button’s name varies by your browser) to locate and select the firmware file that you want to install, then click OK.
6. Click OK.
Your management computer uploads the firmware image to the FortiADC appliance. The FortiADC appliance installs the firmware and restarts. The time required varies by the size of the file and the speed of your network connection.
 
If you are downgrading the firmware to a previous version, and the settings are not fully backwards compatible, the FortiADC appliance may either remove incompatible settings, or use the feature’s default values for that version of the firmware. You may need to reconfigure some settings.
7. Clear the cache of your web browser and restart it to ensure that it reloads the web UI and correctly displays all interface changes. For details, see your browser's documentation.
8. To verify that the firmware was successfully installed, log in to the web UI and go to System > Status > Dashboard.
In the System Information widget, the Firmware Version row indicates the currently installed firmware version.
9. If you want to install alternate firmware on the secondary partition, follow “Installing alternate firmware”.
10. Continue with “Changing the “admin” account password”.
 
Installing firmware replaces the current attack definitions with those included with the firmware release that you are installing. If you are updating or rearranging an existing deployment, after you install new firmware, make sure that your attack definitions are up-to-date. For more information, see “Manually initiating update requests”.
To install firmware via the CLI
1. Download the firmware file from the Fortinet Technical Support web site:
https://support.fortinet.com/
2. Connect your management computer to the FortiADC console port using a RJ-45-to-DB-9 serial cable or a null-modem cable.
 
Updating firmware on an HA pair requires some additions to the usual steps for a standalone appliance. For details, see “Updating firmware on an HA pair”.
3. Initiate a connection from your management computer to the CLI of the FortiADC appliance, and log in as the admin administrator.
For details, see “Connecting to the web UI or CLI”.
4. Connect port1 of the FortiADC appliance directly or to the same subnet as a TFTP server.
5. Copy the new firmware image file to the root directory of the TFTP server.
6. If necessary, start your TFTP server. (If you do not have one, you can temporarily install and run one such as tftpd (Windows, Mac OS X, or Linux) on your management computer.)
 
Because TFTP is not secure, and because it does not support authentication and could allow anyone to have read and write access, you should only run it on trusted administrator-only networks, never on computers directly connected to the Internet. If possible, immediately turn off tftpd off when you are done.
7. Verify that the TFTP server is currently running, and that the FortiADC appliance can reach the TFTP server.
To use the FortiADC CLI to verify connectivity, enter the following command:
execute ping 192.168.1.168
where 192.168.1.168 is the IP address of the TFTP server.
8. Enter the following command to download the firmware image from the TFTP server to the FortiADC appliance:
execute restore image tftp <filename_str> <tftp_ipv4>
where <filename_str> is the name of the firmware image file and <tftp_ipv4> is the IP address of the TFTP server. For example, if the firmware image file name is image.out and the IP address of the TFTP server is 192.168.1.168, enter:
execute restore image tftp image.out 192.168.1.168
One of the following message appears:
This operation will replace the current firmware version!
Do you want to continue? (y/n)
or:
Get image from tftp server OK.
Check image OK.
This operation will downgrade the current firmware version!
Do you want to continue? (y/n)
9. Type y.
The FortiADC appliance downloads the firmware image file from the TFTP server. The FortiADC appliance installs the firmware and restarts:
MAC:00219B8F0D94
###########################
Total 28385179 bytes data downloaded.
Verifying the integrity of the firmware image.
Save as Default firmware/Backup firmware/Run image without saving:[D/B/R]?
 
If the download fails after the integrity check with the error message:
invalid compressed format (err=1)
but the firmware matches the integrity checksum on the Fortinet Technical Support web site, try a different TFTP server.
The time required varies by the size of the file and the speed of your network connection.
 
If you are downgrading the firmware to a previous version, the FortiADC appliance reverts the configuration to default values for that version of the firmware. You will need to reconfigure the FortiADC appliance or restore the configuration file from a backup. For details, see “Connecting to the web UI or CLI” and, if you opt to restore the configuration, “Restoring a previous configuration”.
10. To verify that the firmware was successfully installed, log in to the CLI and type:
get system status
The firmware version number is displayed.
11. If you want to install alternate firmware on the secondary partition, follow “Installing alternate firmware”.
12. Continue with “Changing the “admin” account password”.
See also
Updating firmware on an HA pair
Installing alternate firmware